Sunday, July 25, 2021

Unpatched Java flaw Hit in Targeted Attacks, Researchers Say

Computerworld: Researchers from several security firms are warning about a new attack which targets a vulnerability in Java 7 Update 6, the latest version of Java. The attack code is hosted by a website with a Chinese IP address and delivers malware from servers in Singapore. The malware appears to be a variation of Poison Ivy, a Trojan used for cyberespionage.

“This vulnerability is not a ‘memory corruption’ type vulnerability, but instead seems to be a security bypass issue that allows running untrusted code outside the sandbox without user interaction,” explained Carsten Eiram of security vendor Secunia. “In this specific case a file is downloaded and executed on the user’s system when just visiting a web page hosting a malicious applet.”

Oracle has not said when it will release a patch for the problem. “We are not aware of any fixes or workarounds except disabling/uninstalling Java,” noted Eiram.

Similar articles

Latest Articles

Data Science Market Trends...

When famed mathematician John W. Tukey postulated that advanced computing would have a profound effect on data analysis, he probably didn’t imagine the full...

Data Recovery Market Trends...

Data recovery is more important than ever in this era of constant cyber attacks and ransomware. The Verizon Data Breach Investigations Report (DBIR) looked...

Trends in Data Visualization

In a world of big data, visualization is becoming a key skill set that every business must master.  Digital technology has transformed the way businesses...

Microsoft Data Portfolio Review

With a host of analytics services for almost any situation, Microsoft Azure’s data services have got just about every base covered.   In the world...